Solved

How to restrict inbound and outbound internet e-mail traffic from and to active directory group

Posted on 2008-09-29
Last Modified: 2011-10-19
We intend to allow only a list of inbound/outbound e-mail addresses for an Active Directory group.

Is it feasible in an Exchange 2003 scenario?

user@mydomain.com will permit only e-mails from user@partner.com, user@partner2.com
user@mydomain.com will send e-mails only to user@partner.com, user@partner2.com

These users are grouped in Active Directory. The contacts of the partners exist in AD.

Any suggestions?

BADBOY
Question by:bad3000

Assisted Solution

by:robrandon
ID: 22597647
On the Exchange General tab for the DL and Contacts you can set which accounts it can receive from.  Just add such accounts to that listbox.


Author Comment

by:bad3000
ID: 22601353
I've set it as shown in the attached file.
It started to work for inbound email after the MSExchangeSA service was restarted.

But how do I tell Exchange to send email only to a list? There is no setting here to "Deliver only to".

Thanks
exchange-user.jpg

Assisted Solution

by:robrandon
ID: 22605594
So you want to set up an account that can only send to particular addresses?  I'm not sure that is possible.

I thought you were trying to restrict the sending to a DL and to Contacts.  Both the DL and the Contacts will have the properties window in your screenshot, so you can restrict who can send to them.


Accepted Solution

by:bad3000
ID: 22650988
For outbound filtering:
- We set an Outbound Rule in the gateway antispam server (Symantec Mail Security for SMTP)
- We apply the action of deleting the message when it comes from the "Restricted Outbound Users" LDAP group, which is in sync with the AD GC
- We set an exception when the Recipient Envelope has one of the authorized domains
- It cannot be set user by user, but the outbound rule applies to any LDAP group, so I can restrict some groups with only one member.
- I can apply authorized domains or specific e-mail addresses for any LDAP group

For inbound filtering:
robrandon's suggestion as stated was perfect.
- We also need to permit internal mail and some external contacts only, so we cannot mark "Authenticated Users Only"
- We created an Exchange Query-Based Group with all internal users in an LDAP query and we added it to the "only from" dialog box

That's all.

BADBOY
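
The outbound rule described in the accepted solution, modelled as an added example that is not part of the original post and is not Symantec or Exchange code. It reports which envelope recipients fall outside the exceptions for a restricted sender, so it can be run over exported envelope data to check the allow-list before or after the gateway rule is enabled. The group membership, allow-list entries and envelopes are constructed sample data, and exact domain matching is an assumption of the model.

```python
# Added illustration, not Symantec or Exchange code: a model of the outbound
# rule from the accepted solution. All data below is constructed.

RESTRICTED_SENDERS = {"user@mydomain.com"}   # stand-in for the restricted LDAP group
ALLOWED_DOMAINS = {"partner.com"}            # exception: authorized recipient domains
ALLOWED_ADDRESSES = {"user@partner2.com"}    # exception: specific recipient addresses


def normalize(addr):
    """Strip whitespace and angle brackets from an envelope address, lower-case it."""
    return addr.strip().strip("<>").strip().lower()


def recipient_allowed(rcpt):
    """True if the recipient matches an exception (exact address or exact domain)."""
    rcpt = normalize(rcpt)
    domain = rcpt.rpartition("@")[2]
    return rcpt in ALLOWED_ADDRESSES or domain in ALLOWED_DOMAINS


def blocked_recipients(mail_from, rcpt_to):
    """Recipients of one envelope that match no exception for a restricted sender."""
    if normalize(mail_from) not in RESTRICTED_SENDERS:
        return []                             # rule only applies to the restricted group
    return [normalize(r) for r in rcpt_to if not recipient_allowed(r)]


def audit(envelopes):
    """Map each violating envelope index to the recipients that triggered the rule."""
    findings = {}
    for i, (mail_from, rcpt_to) in enumerate(envelopes):
        blocked = blocked_recipients(mail_from, rcpt_to)
        if blocked:
            findings[i] = blocked
    return findings


# Constructed envelopes: (MAIL FROM, [RCPT TO, ...])
SAMPLE = [
    ("user@mydomain.com", ["user@partner.com"]),
    ("<User@MyDomain.com>", ["USER@partner2.com", "someone@example.org"]),
    ("user@mydomain.com", ["x@partner.com.example.org", "y@notpartner.com"]),
    ("other@mydomain.com", ["anyone@example.org"]),
]

if __name__ == "__main__":
    for idx, rcpts in audit(SAMPLE).items():
        print(f"envelope {idx}: rule matches for {rcpts}")
```

Matching the whole domain after the `@` keeps look-alikes such as `partner.com.example.org` and `notpartner.com` from passing as `partner.com`.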